Sam Bankman-Fried convicted on seven charges

Sam Bankman-FriedSam Bankman-Fried (attribution)
After less than five hours of deliberation, a jury convicted Sam Bankman-Fried of seven fraud and money laundering charges. The conviction followed a five-week-long trial which culminated in Sam Bankman-Fried himself taking the stand, only to appear evasive and sullen as he told prosecutors he couldn't recall many significant events from his time as FTX CEO.

Sentencing is scheduled for March 28, 2024, though scheduling could be affected by factors including whether the US decides to continue pursuing an additional five charges also set to be tried in March.

Monero discloses that its community crowdfunding wallet was drained

Monero's Community Crowdfunding System (CCS) funds projects that aim to improve the ecosystem of Monero, a privacycoin. The CCS is funded by donations, and up until September 1, 2023, held a balance of 2675.73 XMR (~$460,000). Two months after the fact, "Luigi" (a Monero developer and one of the two people with access to the wallet seed phrase) disclosed on Github that the wallet had been drained entirely. According to Luigi, he only discovered this a month after the theft.

The other person with access to the wallet is a former Monero developer named "fluffypony", or Ricardo Spagni. He surrendered to US authorities in July 2023 for extradition to South Africa, where he has been charged with invoice fraud against a cookie company (think chocolate chip, not software). However, he was released in late September, and has been working to "address this matter" while free but under court supervision.

Safemoon executives charged and arrested

An indictment charging SafeMoon executives with defrauding investors via their SafeMoon token was unsealed in the Eastern District of New York. Three defendants were charged with conspiracy to commit securities fraud, conspiracy to commit wire fraud and money laundering conspiracy for their roles in creating Safemoon, a crypto token that once boasted a "market cap" of around $8 billion.

SafeMoon promised buyers it would "safely go to the moon" by locking the liquidity pool so that its developers couldn't rug pull. In reality, the "locking" didn't prevent the developers from removing tokens from the liquidity pool in other ways, which they did to the tune of millions of dollars. They then spent the proceeds of their crimes on personal expenses, like luxury sports cars and real estate.

Alongside the charges from the Department of Justice, the Securities and Exchange Commission simultaneously brought a lawsuit against the SafeMoon executives for violating registration and anti-fraud provisions of securities laws.

Ryder Ripps loses Bored Apes infringement lawsuit, ordered to pay $1.6 million and legal fees

A judge has ordered Ryder Ripps and his co-defendant Jeremy Cahen to pay almost $1.6 million in disgorgement and damages after they created a collection of identical NFTs to the popular Bored Ape collection. The duo were sued for trademark infringement in June 2022 over their RR/BAYC project, which Ripps and Cahen tried to argue was an art project created to draw attention to racist imagery they and others have identified in the project.

In August, Ripps tried unsuccessfully to get the lawsuit dismissed via anti-SLAPP protections.

Now they're on the hook for $1.375 million in profits they earned from their copycat project and $200,000 for domain cybersquatting violations. They also must transfer control of two domain names, two Twitter accounts, and the RR/BAYC smart contract. Worse yet, the court found that this was an "exceptional case" because of the defendants' behavior, which included being "obstructive and evasive", and "unnecessarily and inappropriately ma[king] disgraceful and slanderous statements about Yuga, its founders, and its counsel" throughout the case. As a result, they will also have to pay Yuga's attorney's fees.

AuBit, the company behind Freeway, enters liquidation

A judge in the Cayman Islands has placed Aubit, the firm behind the Freeway crypto project, into liquidation. Freeway was a crypto lending project that promised annual returns as high as 43%, at least until it halted withdrawals in October 2022, claiming it was due to "unprecedented volatility" in forex and crypto markets. Withdrawals were never re-enabled, leaving around $160 million in total customer assets out of reach.

A lawsuit from an institutional customer was filed against the company in August, calling the project "a scam".

AuBit has tried to argue that it should be allowed to restructure, but the Cayman Islands judge opted to force the firm to liquidate, citing "a real absence of proper accounting".

Treasury Department introduces proposal targeting crypto mixers

The U.S. Treasury Department introduced a proposal for new regulation that would require cryptocurrency mixers (also called tumblers) to up their recordkeeping and reporting processes. Needless to say, for a class of projects intended to help people anonymize their cryptocurrency transactions and make them more challenging for governments and others to track, this would somewhat undermine the whole point.

That seems to be the intention of the Treasury Department, who described mixers as primarily used for illicit money laundering "by a broad range of illicit actors, including state-affiliated cyber actors, cyber criminals, and terrorist groups".

Superdao to shut down

Superdao, a project aiming to assist communities in forming DAOs, has announced it will be closing its doors. It was blunt in its announcement: "it became clear that the crypto industry itself becomes much smaller than its initial ambition ('the new internet') and specialized tools for crypto companies are unlikely to produce venture-scale outcomes."

The project had raised $10.5 million in a 2021 seed funding round, and has said they intend to return remaining funds to its investors.

Gemini, Genesis, and DCG sued over $1 billion alleged fraud

The New York Attorney General filed suit against Gemini, Genesis, and Digital Currency Group (DCG), a group of companies that have been involved in a bitter feud amongst themselves. As Genesis undergoes bankrutpcy proceedings, Gemini and its Winklevoss twin cofounders have been firing accusations of fraud at them as they try to recover around $900 million of their customer funds that were with Genesis when it collapsed.

Now, the New York Attorney General is alleging that Gemini repeatedly lied to investors about its Gemini Earn program, assuring them that it was low-risk when internal analysis had revealed Genesis' loans to in fact be quite risky. Some personnel involved in evaluating this risk even withdrew their own funds from the program in the summer of 2022.

Genesis, DCG, and DCG CEO Barry Silbert are charged with defrauding both investors and the public when they tried to cover up $1.1 billion in losses. The lawsuit alleges that Genesis had not properly audited its borrowers, and lied to Gemini about regular reviews of borrowers' financial conditions.

In a press release, the AG claims that the companies' actions resulted in around $1 billion in losses, including in some cases their customers' entire life savings.

Hope Lend emptied in $825,000 hack

A small defi protocol called Hope Lend was drained of nearly all its assets when attackers stole around 526 ETH (~$825,000). Hilariously, the project claims the hacker was frontrun by a watchful third party, who paid half of the stolen funds (~264 ETH, or around $414,000) to an ETH validator to allow them to frontrun the transaction. The original attacker who discovered the bug reportedly made no money at all.

The stolen assets represented the entire TVL of the project.

Everscale halts bridge as "large number" of tokens stolen

The team behind the Everscale blockchain project disclosed that a "large number" of tokens had been stolen. In an attempt to thwart the attacker from cashing out, they announced that they had halted the project's bridge.

The team did not announce how many tokens were stolen. The price of $EVER suffered a 20% drop, though whether it was due to an attacker selling off tokens or collective panic by other token holders is not clear. The method of the theft was also not described.

Reddit abandons blockchain-based Community Points

Reddit's attempt to blockchainify their signature Reddit karma has come to an end as the company has decided to pull the plug on the feature. The idea was that users could "own a piece of their community" (what?) by racking up points for their positive contributions, which they could then spend on perks like custom badges.

Reddit attributed the decision to scaling difficulties, regulatory uncertainty, and the quantity of resources the company found itself having to put into the feature. The tokens were only used on a handful of subreddits, and the team had migrated them from the Ethereum blockchain to the Arbitrum Nova L2 chain, but despite that scaling continued to be a problem.

The news caused a massive dive in the prices of $MOON and $BRICK, the two Reddit tokens, as holders tried to exit their positions before the tokens became useless. Some angrily accused Reddit of rug-pulling, threatening legal action. One wrote, "I wish you guys knew how reckless this decision is and how many people you've hurt." Some accused subreddit moderators of selling when they learned about the decision an hour before it was made public.

Others were delighted at the news, however. One wrote, "Thank the effing Lord. This moons caused so much shit tier spamming for over a year."

Fantom Foundation and employees lose collective $7 million in mass hack

An attack targeting the Fantom Foundation and its employees siphoned $7 million from wallets under their control. Of that, around $550,000 were funds belonging to the Fantom Foundation. One individual employee reportedly lost $3.4 million.

It's not clear yet how the attack was perpetrated, although crypto researcher Spreek reposted a comment by an admin in Fantom's Telegram channel, where they blamed the theft on a zero-day exploit in Google Chrome.

TrueUSD tries to claim no affiliation with tokens created by its deployer address, raising further questions

A new, Euro-pegged stablecoin called $TEURO emerged on October 13, with an initial supply of around €70 million. However, TrueUSD subsequently tweeted that "we have zero affiliation with it". The post warned people to "step back and refrain from risky investments".

However, the post raised only more questions, as the $TEURO token had been deployed by the address that deployed the primary TrueUSD token. This means that either TrueUSD is lying when they claim they're unaffiliated with $TEURO, or some of their private keys were compromised, allowing an unrelated party to deploy a contract appearing to belong to them.

Almost $100 million liquidated over false news of Bitcoin ETF approval

A sudden spike and then rapid decrease in the price of Bitcoin, from just under $28,000 to $30,000 and then back to around $28,000October 16 Bitcoin price spike (attribution)
A post falsely announcing that the SEC had approved a spot Bitcoin ETF caused $100 million in liquidations as the market briefly surged on the news. $81 million in short positions were liquidated as Bitcoin shot up to $30,000 from just under $28,000, and another $31 million in long positions were liquidated as the news turned out to be false.

The post by crypto media outlet CoinTelegraph was based on a faked screenshot of what appeared to be the Bloomberg Terminal. The post quickly propagated through the crypto world before people began to question its veracity. CoinTelegraph later issued an apology, blaming the incident on a failure by employees to follow the normal editorial approval process.

This adds to the list of incidents that illustrate the extent to which false reporting by traditional or crypto media, or by influential personalities, can move crypto markets. Past incidents have included a crypto Twitter personality tweeting the false rumor that Interpol had issued a red notice for Binance CEO Changpeng Zhao, and two instances of token price spikes based on false press releases claiming major corporations would accept the tokens as payment.

South Korean regulators allege Sui Foundation manipulated markets

A lawmaker in South Korea has alleged that the Sui Foundation has engaged in market manipulation to enrich themselves. The South Korean Financial Supervisory Service reportedly launched an investigation into the distribution of the SUI token following Representative Min Byeong-deok's allegations, intending to determine whether there was truth to his claims that they had paid themselves interest by staking tokens that should have been left untouched in the non-circulating supply.

The Sui Foundation has disputed the allegations on Twitter, calling them "unfounded and materially false".

Hackers host malicious code on Binance chain to circumvent takedowns

An otherwise very "web2" hack has taken on a web3 twist as hackers have started to store malicious code on the blockchain. Attackers first compromise WordPress websites, then show a screen to visitors telling them they need to update their browser to view the website. When the visitor does so, the site downloads malware which then harvests information like login credentials.

Attackers previously stored the malicious code on typical webhosting services, but those services began to take it down. Now, some have started using Binance's blockchain to store these payloads, taking advantage of the immutable nature of blockchains to prevent anyone from taking it down.

USDR stablecoin de-pegs

The real-estate-backed US dollar stablecoin "Real USD" (aka USDR) lost its peg, dropping from $1 to around $0.53. The website for the stablecoin was — even after the depeg — promising customers 16.39% yields.

The de-peg occurred amid a "liquidity crunch" as holders rushed to redeem their USDR for the DAI stablecoin, draining the project of its DAI reserves. The team behind the project, TangibleDAO, issued a statement stating that "the real estate and digital assets backing USDR still exist and will be used to support redemptions." However, despite their insistence that the problem is just a liquidity issue rather than a solvency one, a dashboard on their own website showed that the stablecoin isn't fully backed and has a deficit of around $3.4 million.

In a related incident, a trader trying to swap their $131,350 in USDR for the USDC stablecoin lost every penny of it when their transaction was arbitraged by a MEV bot.

Platypus Finance hacked for a third time this year

At this point, they should probably just have a form email ready to go. Platypus Finance has suffered a cumulative $2.23 million in losses thanks to several attacks on the platform over the course of several hours. This set of hacks followed a $8.5 million hack in February, and another hack of at least $150,000 in July.

Platypus was quickly able to recover $575,000 from this latest hacker, thanks to a flaw in their attack. Later, they recovered all but $167,400 of the stolen funds after coming to an agreement with the attacker that they would not pursue legal action.

CFTC and FTC sue Voyager CEO Stephen Ehrlich

Stephen Ehrlich, sitting and speaking into a microphoneStephen Ehrlich (attribution)
Simultaneous civil lawsuits from the Commodity Futures Trading Commission (CFTC) and Federal Trade Commission (FTC) against former CEO of the collapsed Voyager crypto lender accuse him of fraud and making deceptive claims to customers.

The FTC lawsuit focuses on Voyager's claims suggesting to customers that accounts with the lender were FDIC insured. That complaint also names Voyager as a defendant. Voyager settled with the FTC, agreeing to pay a $1.65 billion judgment that will be suspended until customers are repaid.

Black Hole Token exploited for $1.28 million

The Black Hole Token project suffered a $1.28 million apparent exploit, according to security firm PeckShield, though it's hard not to wonder if it might have been a rug pull.

Black Hole Token is a Chinese project built on BNB Chain, which promises an original mechanism that only goes up. "The more you sell, the more the price goes up", promises their website.

Sounds legit.

Fintoch scammers strike again with $1.6 million FinSoul scam

A metaverse gaming project called FinSoul promised users “sandbox worlds, multiplayer sports, leisure experiences, player socializing, MMORPG,” and other features. However, on October 10, the project team made off with $1.6 million, which they then tumbled through Tornado Cash.

The team behind the FinSoul project was reportedly the same as the group who pulled off the much larger $31 million Fintoch exit scam in May. They used similar strategies, including using paid actors to pose as their executive team, to push the FinSoul scam.

FSL token rug pulls for $1.68 million within 24 hours of launch

The BNB Chain-based FSL token rug pulled within 24 hours of launching, with developers draining $1.68 million of liquidity they had amassed.

Goldfinch lending platform facing $7 million loss

Goldfinch is a decentralized lending platform aiming to provide undercollateralized loans, an unusual strategy in the crypto world where loans are typically overcollateralized due to the difficulty in evaluating the trustworthiness of borrowers and in preventing them from just taking off with the loan funds.

They may now be discovering this was a bad idea, as an impending default on a $20 million loan from February 2022 threatens the platform with a possible $7 million loss.

The loan went to a fintech credit fund called Stratos, who in turn used the money for a risky real estate technology investment (now written down to zero), crypto investments of their own (not disclosed to Goldfinch, and sold at a "near full loss"), and other investments. Stratos is, awkwardly, an investor in Goldfinch, and Stratos' founder was an advisor.

This is not the first loan gone bad for Goldfinch, who suffered a loss when an African motorcycle taxi financing company used a $5 million loan to try to plug the hole in the finances of a sister company.

A commenter on the disclosure about the distressed loan wrote, "This is the second occurrence of a lack of transparency from a borrower or a lack of auditing capability from Goldfinch. We can all appreciate that Warbler Labs will backstop the loss, but it is increasingly worrying to discover a complete lack of control from the loan underwriter, especially in the context of Stratos being an equity investor in Goldfinch."

Trader Joe's sues Trader Joe

The American supermarket chain and cookie butter paradise, Trader Joe's, has filed a lawsuit against the popular Trader Joe decentralized exchange. According to the lawsuit, the supermarket believes the exchange is trying to benefit off the supermarket's popularity.

This is actually the second such lawsuit by the supermarket against the exchange, after the first was thrown out when defendants claimed that they had simply named the project after the co-founder's brother, Joe. However, shortly after the victory, a co-founder admitted on their blog that they "just named it Trader Joe, after the supermarket".

Trader Joe's is seeking all profits made by the exchange, plus damages and compensation for the failed lawsuit last year.

3Commas suffers another security breach

3Commas, a crypto trading bot provider, suffered another security breach in which some customer wallets were used to make unauthorized trades. They haven't disclosed how much in assets were lost.

This isn't the first security breach to tarnish 3Commas' reputation. In October 2022, customers reported losing a significant amount of assets in what 3Commas first tried to blame on phishing websites resembling FTX. 3Commas months later owned up to the fact that their database had been compromised, and that API keys were leaked.

UK's Financial Conduct Authority warns of Huobi and KuCoin

The United Kingdom's Financial Conduct Authority (FCA) has added another 146 entries to its "warning list" of unauthorized firms, including the crypto exchanges Huobi and KuCoin. The additions pertained to new regulations that require crypto firms who want to run promotions in the country to register with the FCA, and comply with regulations aiming to prevent misleading advertisements.

The warning list was created to notify potential users of these firms, and to inform them that losses related to the use of those platforms won't be covered by the UK's compensation scheme.

Huobi has claimed they don't operate or promote in the UK, while KuCoin gestured towards adjusting its practices in the UK. Firms on the warning list may be subjected to more serious enforcement actions in the future, including fines or even prison time.

Astrology-themed NFT project Lucky Star Currency rug pulls for $1.1 million

Lucky Star Currency was an NFT-focused project released by a group claiming to be made up of astrologists. The group was heavily promoted on Chinese news and Q&A platforms. However, not long after its release, the contract creator withdrew more than 1.6 million LSC tokens and swapped them for approximately $1.1 million.

Bitcoin mining hardware manufacturer Bitmain stops paying employees

Bitmain, the manufacturer of popular Bitcoin mining equipment (known as ASICs), is apparently in such dire financial straits that it can no longer pay employee salaries. Local media reported that all "bonuses and incentives" were nixed by the Beijing-based company, and the firm is considering cutting all wages by 50%. They also wrote a letter to employees, informing them that they would not be paying out September salaries until a review later in the month.

Stars Arena exploited for $3 million

Stars Arena, an Avalanche-based dupe of the popular Friend.Tech project, suffered a serious exploit in which an attacker drained tokens priced at around $3 million.

Avalanche co-founder and CEO Emin Gün Sirer drew widespread mockery when announcing that "the amount lost is only $3m", apparently not perceiving that $3 million is a massive sum to most people. He also didn't mention that it constituted almost the entire total TVL of the Stars Arena project, which was left with less than $1 in tokens following the attack.

Stars Arena was fortunate, in that the hacker ultimately contacted them offering to make a deal. The attacker returned 90% of the funds, keeping $300,000 as a "bounty".

THORSwap temporarily shuts down web interface as FTX hacker tries to launder $131 million

The THORSwap decentralized exchange has put its web interface into "maintenance mode" in hopes of thwarting the thief who stole over $400 million from the FTX exchange as it was mid-collapse in November 2022. Those funds have remained largely for almost a year, until the thief began moving funds recently — interestingly, coinciding with the start of Sam Bankman-Fried's criminal trial.

The attacker tried to launder around $131 million of the stolen assets by routing them through services including Railgun and THORSwap. After "consultation with advisors, legal counsel, and law enforcement", THORSwap decided to pause its web interface in hopes of making money laundering more challenging for the attacker — although the thief could still interact with the THORSwap smart contracts directly, if they so chose.

Some criticized THORSwap for apparently caving on its censorship-resistant, decentralized ethos. Others, however, saw the move as understandable given the THORSwap developers reside in the United States, which has recently cracked down on mixing services that facilitate the laundering of illicit funds.

Gitcoin loses $500,000 in transfer SNAFU

After agreeing to allocate $500,000 to "MMM" (merchandise, memes, and marketing — no, really), Gitcoin screwed up sending the money so badly that it's gone forever. Whoever was in charge of making the transfer accidentally pasted the Gitcoin contract address into the recipient field, rendering the tokens permanently inaccessible. Such mistakes can be devastating, and yet are very common in the crypto world, where transfers are irreversible.

Bored Apes' Yuga Labs lays off employees

A sad-looking ape with dark grey fur, wearing a yellow rain cap and a striped shirtBAYC #5262 (attribution)
Even the best known NFT brand can't escape the effects of a collapsing industry. Yuga Labs, the company behind the blue-chip Bored Apes NFTs and related collections, and the acquirers of collections including CryptoPunks, has announced that it will be joining the many other companies in the crypto world performing layoffs. They did not disclose how many employees would be losing their jobs.

"It's a challenging time, not only for our industry but also for the global economy," wrote Yuga Labs CEO, apparently hoping that people ignorant to the past year of disaster across the NFT industry might be willing to attribute Yuga Labs' struggles to macroeconomic forces and not the implosion of the crypto — and particularly NFT — world.

BigWhale loses $1.5 million in private key leak

The defi staking and lending project BigWhale announced that the private key to one of their crypto wallets had been leaked, and 7,200 BNB (~$1.5 million) had been stolen.

In a long post on Twitter, the project promised "we will refund all investor funds down to the last cent". They also wrote that "Not only are we going to use the fullest extent of the law to go after the person or persons behind this hack / attack, we will also use ALL OTHER MEANS NECESSARY - and we do have such resources at our disposal, to go after the ones who are behind this. (We work with assets within the Russian government directly...)"

In a later post on their website, however, they wrote that they do "not bear legal liability to refund investors for the losses incurred unless the hacked funds are successfully recovered", attributing the incident to force majeure. They repeatedly claimed that they had not been involved in the theft. The project completely took down its website, redirecting it to this post.

Former FTX auditor Prager Metis sued by SEC for hundreds of alleged violations

Prager Metis' headquarters in Decentraland, a blocky, slightly futuristic, grey and orange building with the Prager Metis logoPrager Metis' headquarters in Decentraland (attribution)
The U.S. Securities and Exchange Commission filed a lawsuit against auditor Prager Metis, who they allege violated auditor independence rules and aided and abetted their clients' violations of federal securities laws. According to the SEC, Prager Metis included indemnification provisions in more than 200 audits, reviews, and exams, which renders the firm no longer independent in its investigations of those clients.

Prager Metis is among the auditors who audited FTX, and was noted by FTX's CEO-in-bankruptcy John J. Ray III for advertising itself as "the first CPA firm to officially open its headquarters inside the metaverse".

None of the clients involved with the faulty audits were disclosed in the lawsuit, and the SEC has not issued any statements connecting the charges to the FTX collapse.

Three Arrows Capital co-founder Su Zhu jailed for four months

Co-founder of the collapsed Three Arrows Capital hedge fund, Su Zhu, was arrested in Singapore while allegedly trying to leave the country. He and his cofounder Kyle Davies have been uncooperative with investigations into the June 2022 implosion of the fund, and were both sentenced to four months imprisonment as a result. Davies has not been arrested because his whereabouts are currently unknown.

Three Arrows Capital fell apart in June 2022, and was among one of the first major collapses that set off a domino effect of crypto company failures throughout that summer and the rest of the year.

Chase UK to block payments for crypto

Chase Bank’s UK branch has decided it will completely block debit card purchases and bank transfers that it identifies as being "related to crypto assets", a move they say is motivated by an increase in crypto scams targeting UK customers. Chase customers who want to buy crypto will have to use some other bank, Chase has said.

The change is scheduled to go into effect on October 16.

JPEX appears to be a $191 million fraud

After the Hong Kong-based JPEX exchange limited withdrawals amidst what appeared to be an impending collapse of the platform, things are now looking a lot more like fraud.

Police have received more than 2,200 complaints pertaining to the exchange, involving $191 million (and counting) in possible losses. Eleven people, including various crypto influencers who had promoted the exchange, were taken in for questioning. However, police have said those eleven people were not likely central to the fraud, and that the leaders of the JPEX project are on the run.

According to the South China Morning Post, "The alleged case of financial fraud involving HK$1.37 billion is the largest of its kind in Hong Kong's history."

Upbit briefly suspends Aptos transactions after people were able to deposit counterfeit tokens

Upbit, a major South Korean cryptocurrency exchange, suddenly suspended deposits and withdrawals of the Aptos $APT token after some users were able to deposit and withdraw fake versions of the token that were intended to spoof the original. Because of a bug in how Upbit verified tokens, transfers of the spoofed token were identified as transfers of the native Aptos token, which could have caused a massive loss if users began redeeming the fake Aptos tokens as though they were real.

However, a bug on the part of the counterfeiter prevented massive losses. The spoofer used only six decimal places instead of eight, meaning that those who tried to redeem the fake tokens only received $250 instead of $25,000.

Upbit later re-enabled Aptos transactions after patching the bug.

Huobi exchange hacked for $8 million

Justin Sun confirmed on September 25 that his crypto exchange Huobi (recently rebranded to "HTX") had been hacked for 5,000 ETH ($8 million) the prior day. He reassured customers that the exchange would be covering the shortfall, and that "all user assets are #SAFU".

Sun offered a bounty to the hacker to return 95% of the funds, also promising to hire them as a "security white hat advisor" for the exchange. Otherwise, he threatened to go to law enforcement.

Two weeks later, the thief returned the funds, with a note that their hot wallet key had leaked. Huobi paid the $410,000 bounty.

Mixin Network discloses $200 million hack

The operators of the Mixin Network disclosed that hackers had stolen around $200 million in funds in the largest known hack of the year (to date). Mixin Network is a cross-chain project that boasts zero transaction fees.

In their announcement, Mixin wrote that "the database of Mixin Network's cloud service provider was attacked by hackers", leading to some confusion as Mixin is supposed to be a decentralized network that ostensibly shouldn't have a centralized cloud database.

Mixin announced they would be suspending deposits and withdrawals pending analysis of the incident. They also told users that they would be compensated "up to a maximum of 50%" on assets that had been stolen from them, and receive "tokenized liability claims" (that is, IOUs) for the rest.

Wallet phished for $4.46 million in fake mining scam

Someone lost over $4.4 million of the Tether stablecoin after falling victim to a phishing scam that promised them fake mining rewards. A phisher lured in the victim, likely earning their trust and then promising high returns thanks to a "mining" operation. Typically, these projects fool their victims by showing them a growing balance on the platform's software, even as the phishers drain their wallets.

These types of scams draw in tens of millions of dollars each month, and one researcher has estimated around $350 million in Tether have been stolen in these types of scams since September 2021.

Balancer frontend compromised

Balancer issued an urgent warning to stop using its web interface, as it was evidently compromised by malicious actors who redirected the funds to themselves. Within 30 minutes of the tweeted warning, $240,000 had already been stolen.

This is the second theft from Balancer in a month, after it warned of a critical vulnerability on August 22, and that vulnerability was exploited for around $2 million several days later.

JPEX hikes withdrawal fees amidst possible collapse

"We believe that the platform will not collapse," wrote JPEX, amidst apparent collapse. JPEX is a Hong Kong crypto exchange that was advertising more than 20% APY on various staking products.

The JPEX cryptocurrency exchange was the subject of a September 13 consumer warning by the Securities and Futures Commission (SFC), who said they were promoting services to Hong Kong residents without proper licensure. The following day, attendees of the Token 2049 crypto event observed that JPEX had abandoned the booth they'd rented. Then, JPEX hiked their withdrawal fees to as high as $999, and limited withdrawals to $1,000.

According to the South China Morning Post, customers have filed at least 83 complaints about the exchange, pertaining to crypto assets priced at $4.3 million. Hong Kong police have disclosed they are investigating the firm.

JPEX released a statement that the SFC was "exerting undue pressure on our platform", and asserted that the watchdog should "bear full responsibility for undermining the prospects" of the crypto industry in the region. Later, they accused their "partnered third-party market makers" of "maliciously fr[eezing] funds". They announced that, as a result, they would be pausing their Earn product. They also suspended their platform's gaming feature.

PolkaWorld halts operations, blames community governance

PolkaWorld, a major community within the Polkadot blockchain project, has announced that they will have to suspend operations as a funding proposal was overwhelmingly rejected. In June, Polkadot changed their governance model to community voting, away from a model in which small groups of ostensible experts made decisions for the network. PolkaWorld has blamed the failure of their request for 16,842 DOT (~$70,000) to fund Q4 2023 operations on this new voting model, which shut down their request with 93.3% "no" votes.

"Personally, we believe decentralization only works for the 'informed', it's not for everyone, no offense meant," wrote PolkaWorld on Twitter.

Killer Whales crypto reality show launches about two years too late

Promotional image for Killer Whales showing a group of judges standing behind the logoKiller Whales promo image (attribution)
Maybe they'd sunk too much money into producing Killer Whales to back out, or maybe its creators actually think that a Shark Tank-style crypto reality TV series is what it will take to return crypto to its former glory. A crypto-boosting show judged by crypto industry hustlers like Anthony "The Mooch" Scaramucci and shady operator Mario Nawfal has just published trailers for its scheduled January 2024 debut.

The trailer for the show features a duo pitching "Ape Water": Bored Ape-branded canned water that sells for $2.80/can. "We want to reimagine water... When you scan the can, that's when crypto and web3 is unlocked," says the booster. Revolutionary.

Even crypto Twitter seemed less than enthused, with one person writing that the show was "like Shark Tank, but cringe". Another wrote, "Just take a peep at the panel of judges it's full of crypto grifters and scammers".

Ethereum bungles "Holesky" testnet launch

Ethereum prepared to launch a new test network, called "Holesky", which was supposed to be massive compared to the mainnet in order to work on scaling problems. The launch was supposed to coincide with Ethereum's September 2022 "Merge", in which the network finally pulled off the long-awaited switch from proof of work to proof of stake.

However, the Holesky launch was a failure when developers misconfigured the network, causing it to fail to initiate. Developers announced they would try to relaunch the project a week after its intended go-live date. At least it was just a testnet.

Nouns DAO fractures in $27 million split

A pixel art illustration of a figure with a white teacup for a head, wearing boxy pink sunglasses and a green sweaterNoun #848 (attribution)
Nouns DAO, one of the most prominent Ethereum DAOs, has split into two projects after holders of around 56% of the Nouns NFTs in circulation voted to "ragequit". This means that they have forked into a new DAO, taking 16,757 ETH (~$27.3 million) of the original DAO's treasury with them.

Nouns NFTs have been popular since the project's launch in 2021, and in mid-2022 enjoyed a floor price of over 100 ETH (then over $150,000). Now they tend to sell for around 35 ETH (~$57,000). The DAO has used its substantial treasury to fund a wide range of projects, from creating Nouns short films, to distributing eyeglasses to kids, to partnering with Bud Light for a Super Bowl commercial in 2022.

Now, however, more than half of the project has opted to leave, with some leavers citing flawed decisionmaking and lack of leadership. As for the new fork, some Nouns owners may choose to "ragequit" — that is, forfeit their NFT and cash out their portion of the treasury (around 35.5 ETH, or $57,850, apiece). Some arbitrageurs have been buying Noun NFTs for months, hoping to use this ragequit functionality to profit.

NFL quarterback Trevor Lawrence, others settle FTX class action claims

Collage of photos of Trevor Lawrence, Kevin Paffrath, and Tom NashTrevor Lawrence, Kevin Paffrath, and Tom Nash (attribution)
Jacksonville Jaguars quarterback Trevor Lawrence has agreed to settle claims against him made in a class action lawsuit by FTX customers who say his endorsement of the fallen crypto exchange contributed their decision to use it. Also settling are finance YouTuber and crypto shills Kevin Paffrath and Tom Nash. The terms of the settlements were not disclosed.

Lawrence, Paffrath, and Nash are far from the only people facing class actions over their endorsements of FTX. Tom Brady, Gisele Bundchen, Steph Curry, Shaquille O'Neal, Larry David, are also facing lawsuits over their activities in promoting the firm.

Remitano hacked for $2.7 million

Crypto exchange Remitano suffered a hack in which $2.7 million in Tether (USDT), USDC, and Ankr was drained from the exchange's hot wallets across three blockchains. Luckily for them, Tether was able to freeze $1.9 million of the stolen funds, substantially reducing the attacker's profits.

Remitano acknowledged the hack, writing that they had suffered a "data breach from a third-party source". They have claimed that users' assets will not be affected by the theft.

Remitano is a peer-to-peer crypto exchange focused on emerging markets, including Nigeria, Pakistan, Venezuela, and Malaysia.

Crypto booster Mark Cuban hacked for $870,000

Mark CubanMark Cuban (attribution)
Billionaire crypto evangelist Mark Cuban apparently fell victim to a hack when an attacker was able to siphon around $870,000 in multiple cryptocurrencies from a wallet belonging to him. Cuban later acknowledged the hack to DL News. "They must have been watching," he said, explaining that "I'm pretty sure I downloaded a version of MetaMask with some shit in it".

This isn't the first time Cuban has been burned by the crypto industry. In June 2021, he lost "enough that I wasn't happy about it" in the collapse of the Titan stablecoin. Cuban is also a defendant in a class action lawsuit related to his endorsement of Voyager, a crypto broker that collapsed in July 2022.